It Security Compliance Analyst

TL;DR

IT Security Compliance Analyst: Supporting the company’s compliance program by implementing requirements, enabling audit readiness, coordinating ongoing compliance activities, and supporting external and internal audits with an accent on project management and analytical skills. Focus on managing multiple concurrent initiatives and bringing working expertise across multiple compliance frameworks.

Location: Hybrid role in the local hirify.global office in Kuala Lumpur, Malaysia.

Company

hirify.global is the global standard for process intelligence and automation, trusted by over 10,000 public and private sector organizations across 90 countries.

What you will do

• Coordinate the full compliance lifecycle, including gap analysis, remediation planning, audit execution, and continuous compliance monitoring.
• Develop, maintain, and review compliance related documentation to support training, awareness, and sustained operational effectiveness.
• Collaborate with globally distributed stakeholders across Engineering, IT, Product, HR, Legal, and other business functions to support consistent implementation of compliance requirements.
• Serve as a primary liaison for audit coordination, including facilitating interviews, walkthroughs, and evidence requests.
• Support adherence to hirify.global governance, risk, and compliance standards by assisting with the creation, review and updates of information security policies and procedures.
• Support risk management activities by assisting with security reviews and compliance risk assessments for new initiatives, technologies, and vendors.

Requirements

• Bachelor’s degree in Information Security, Information Technology, Risk Management, Business, or a related field, or equivalent practical experience.
• Working knowledge of common compliance and assurance frameworks such as SOC 2, ISO/IEC 27001, GDPR, HIPAA, FedRAMP, or similar international regulatory standards.
• Relevant certifications are preferred but not required, including: CISA, CRISC, CISSP, CCSK, ISO 27001 Lead Implementer/Auditor, or related compliance or risk certifications.
• Familiarity with common IT infrastructure, SaaS based cloud services, identity and access management concepts, and security tooling sufficient to assess control design and operational effectiveness.

Culture & Benefits

• Global Gratitude and Recharge Days.
• Flexible, paid time off policy.
• Employee wellness programs and counseling resources.
• Meaningful peer recognition and awards.
• Paid parental leave.
• Intercultural learning and celebration.